Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
activity vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-4550
The User Activity WordPress plugin up to and including 1.0.1 checks headers such as the X-Forwarded-For to retrieve the IP address of the request, which could lead to IP spoofing
User Activity Project User Activity
NA
CVE-2023-4281
This Activity Log WordPress plugin prior to 2.8.8 retrieves client IP addresses from potentially untrusted headers, allowing an malicious user to manipulate its value. This may be used to hide the source of malicious traffic.
Activity Log Project Activity Log
1 Github repository
NA
CVE-2022-27858
CSV Injection vulnerability in Activity Log Team Activity Log <= 2.8.3 on WordPress.
Activity Log Project Activity Log
NA
CVE-2022-3941
A vulnerability has been found in Activity Log Plugin and classified as critical. This vulnerability affects unknown code of the component HTTP Header Handler. The manipulation of the argument X-Forwarded-For leads to improper output neutralization for logs. The attack can be ini...
Activity Log Project Activity Log -
4.3
CVSSv2
CVE-2016-0240
IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x up to and including 9.5 before p700, and 10.x up to and including 10.1 before p100 does not enable the HSTS protection mechanism, which makes it easier for remote malicious users to obtain sensitive information ...
Ibm Security Guardium Database Activity Monitor 9.1
Ibm Security Guardium Database Activity Monitor 9.0
Ibm Security Guardium Database Activity Monitor 8.2
Ibm Security Guardium Database Activity Monitor 10.1
Ibm Security Guardium Database Activity Monitor 10.01
Ibm Security Guardium Database Activity Monitor 10.0
Ibm Security Guardium Database Activity Monitor 9.5
9
CVSSv2
CVE-2016-0236
IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x up to and including 9.5 before p700, and 10.x up to and including 10.1 before p100 allows remote authenticated users to execute arbitrary commands with root privileges via the search field.
Ibm Security Guardium Database Activity Monitor 10.0
Ibm Security Guardium Database Activity Monitor 8.2
Ibm Security Guardium Database Activity Monitor 10.1
Ibm Security Guardium Database Activity Monitor 10.01
Ibm Security Guardium Database Activity Monitor 9.5
Ibm Security Guardium Database Activity Monitor 9.0
Ibm Security Guardium Database Activity Monitor 9.1
6.5
CVSSv2
CVE-2016-0241
IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x up to and including 9.5 before p700, and 10.x up to and including 10.1 before p100 allows remote authenticated users to spoof administrator accounts by sending a modified login request over HTTP.
Ibm Security Guardium Database Activity Monitor 9.0
Ibm Security Guardium Database Activity Monitor 9.1
Ibm Security Guardium Database Activity Monitor 8.2
Ibm Security Guardium Database Activity Monitor 10.1
Ibm Security Guardium Database Activity Monitor 10.01
Ibm Security Guardium Database Activity Monitor 9.5
Ibm Security Guardium Database Activity Monitor 10.0
7.2
CVSSv2
CVE-2016-0328
IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x up to and including 9.5 before p700, and 10.x up to and including 10.1 before p100 allows local users to obtain administrator privileges for command execution via unspecified vectors.
Ibm Security Guardium Database Activity Monitor 10.1
Ibm Security Guardium Database Activity Monitor 9.1
Ibm Security Guardium Database Activity Monitor 9.0
Ibm Security Guardium Database Activity Monitor 8.2
Ibm Security Guardium Database Activity Monitor 10.0
Ibm Security Guardium Database Activity Monitor 10.01
Ibm Security Guardium Database Activity Monitor 9.5
5.1
CVSSv2
CVE-2006-2735
PHP remote file inclusion vulnerability in language/lang_english/lang_activity.php in Activity MOD Plus (Amod) 1.1.0, as used with phpBB when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. NOTE:...
Activity Mod Plus Activity Mod Plus 1.1.0
1 EDB exploit
9
CVSSv2
CVE-2018-15877
The Plainview Activity Monitor plugin prior to 20180826 for WordPress is vulnerable to OS command injection via shell metacharacters in the ip parameter of a wp-admin/admin.php?page=plainview_activity_monitor&tab=activity_tools request.
Plainview Activity Monitor Project Plainview Activity Monitor
1 EDB exploit
2 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
CVE-2024-20360
CVE-2021-47559
XXE
CVE-2024-5229
CVE-2021-47543
CVE-2021-47571
SSTI
CVE-2024-4978
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »